total-serialism is a set of functions used for procedurally generating and transforming number sequences (mainly in the form of arrays). This library does not output anything else then numbers, but can therefore be integrated with frameworks like P5js, ToneJS, Node4Max, Hydra and any other javascript based project you want to generate arrays for.

GitHubRelease Version 2.10.2 · tmhglnd/total-serialismI'm considering some bigger updates, but this may introduce some breaking changes, so will save those for a version 3. For now i'm making a release of the current status of the library. New Functio...

#algorithmicmusic #generativemusic #javascript

**Hackread.com** @Hackread@mstdn.social · Jun 2

Jun 2

Hackread.com @Hackread@mstdn.social

New: Backdoors found in Python & NPM packages targeting Windows & Linux! Attackers use fake ‘colorama’ & ‘colorizr’ to steal data + gain remote access.

Read more: https://hackread.com/backdoors-python-npm-packages-windows-linux/

Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto · Jun 2Backdoors in Python and NPM Packages Target Windows and LinuxFollow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

#CyberSecurity #Backdoor #Python

**Ryan Daws** @gadgetry@techhub.social · May 30

May 30

Ryan Daws @gadgetry@techhub.social

Package lurking in npm for six years waits to destroy your work https://www.developer-tech.com/news/package-lurking-npm-six-years-waits-destroy-your-work/ #npm #developers #opensource #coding #programming #javascript #cybersecurity #malware #hacking #infosec #security #tech #news #technology

Developer Tech News · May 30Package lurking in npm for six years waits to destroy your workSocket's threat researchers have uncovered a package lurking in npm for six years that awaits a remote command to wipe projects.

**Sam Stepanyan** @securestep9@infosec.exchange · May 24

May 24

Sam Stepanyan @securestep9@infosec.exchange

#NPM: Dozens of packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor:

https://www.bleepingcomputer.com/news/security/dozens-of-malicious-packages-on-npm-collect-host-and-network-data/

**The New Oil** @thenewoil@mastodon.thenewoil.org · May 24

May 24

The New Oil @thenewoil@mastodon.thenewoil.org

Dozens of malicious packages on #NPM collect host and network data

https://www.bleepingcomputer.com/news/security/dozens-of-malicious-packages-on-npm-collect-host-and-network-data/

#cybersecurity

**The New Oil** @thenewoil@mastodon.thenewoil.org · May 23

May 23

The New Oil @thenewoil@mastodon.thenewoil.org

Destructive #malware available in #NPM repo went unnoticed for 2 years

https://arstechnica.com/information-technology/2025/05/destructive-malware-available-in-npm-repo-went-unnoticed-for-2-years/

Ars Technica · May 22Destructive malware available in NPM repo went unnoticed for 2 yearsBy Dan Goodin

#cybersecurity

**Ryan Daws** @gadgetry@techhub.social · May 23

May 23

Ryan Daws @gadgetry@techhub.social

60 malicious npm packages caught mapping developer networks https://www.developer-tech.com/news/60-malicious-npm-packages-mapping-developer-networks/ #npm #javascript #developers #coding #programming #security #hacking #cybersecurity #infosec #malware #tech #news #technology

Developer Tech News · May 2360 malicious npm packages caught mapping developer networksThe npm registry is once again in the spotlight, this time battling a malware campaign using malicious packages to map developer networks.

**The New Oil** @thenewoil@mastodon.thenewoil.org · May 16

May 16

The New Oil @thenewoil@mastodon.thenewoil.org

Malicious #NPM package uses Unicode #steganography to evade detection

https://www.bleepingcomputer.com/news/security/malicious-npm-package-uses-unicode-steganography-to-evade-detection/

#cybersecurity

**Inautilo** @inautilo@mastodon.social · May 14

May 14

Inautilo @inautilo@mastodon.social

#Development #Launches
ESLint can now lint HTML · The code linter delivers a new language plugin https://ilo.im/163v4b

_____
#ESLint #OpenSource #Coding #Linter #Parser #HTML #Npm #WebDev #Frontend

**The New Oil** @thenewoil@mastodon.thenewoil.org · May 13

May 13

The New Oil @thenewoil@mastodon.thenewoil.org

Malicious #npm Packages Infect 3,200+ #Cursor Users With Backdoor, Steal Credentials

https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

#cybersecurity #malware #AI

**Sam Stepanyan** @securestep9@infosec.exchange · May 12

May 12

Sam Stepanyan @securestep9@infosec.exchange

#npm: Malicious npm Packages Infect 3,200+ #Cursor IDE Users With Backdoor, Steal Credentials:

https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

**PrivacyDigest** @PrivacyDigest@mas.to · May 11

May 11

PrivacyDigest @PrivacyDigest@mas.to

Malicious #npm Packages Infect 3,200+ #Cursor Users With #Backdoor, Steal #Credentials

#Cybersecurity researchers have flagged 3 malicious npm packages that are designed to target the Apple #macOS version of Cursor

"Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's main.js file, & disable auto-updates to maintain persistence,"

https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html